FreeBSD : FreeBSD -- ipsec crash or denial of service (c0c5afef-38db-11e8-8b7f-a4badb2f469b)
High Nessus Plugin ID 108859
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionThe length field of the option header does not count the size of the option header itself. This causes a problem when the length is zero, the count is then incremented by zero, which causes an infinite loop.
In addition there are pointer/offset mistakes in the handling of IPv4 options. Impact : A remote attacker who is able to send an arbitrary packet, could cause the remote target machine to crash.
SolutionUpdate the affected packages.